Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/oKYbJL_JQNVFNhNMM1cZ99NC6DM.roa
File: oKYbJL_JQNVFNhNMM1cZ99NC6DM.roa (raw, json)
Hash identifier: yozFAJCshsmsq9xsiRy0WeXk6ZtGaHpZhKg2pW7bmWA=
Subject key identifier: A0:A6:1B:24:BF:C9:40:D5:45:36:13:4C:33:57:19:F7:D3:42:E8:33
Certificate issuer: /CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Certificate serial: 018CC9BC02EA86C373E244C7729FEBDA101B
Authority key identifier: EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/oKYbJL_JQNVFNhNMM1cZ99NC6DM.roa
Signing time: Tue 02 Jan 2024 10:33:10 +0000
ROA not before: Tue 02 Jan 2024 10:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42459
IP address blocks: 212.45.67.0/24 maxlen: 24
212.45.65.0/24 maxlen: 24
212.45.72.0/21 maxlen: 24
79.134.48.0/20 maxlen: 32
79.134.56.0/21 maxlen: 24
193.32.4.0/23 maxlen: 23
193.32.0.0/23 maxlen: 23
212.45.64.0/20 maxlen: 32
212.45.64.0/21 maxlen: 24
2a02:2660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:02:ea:86:c3:73:e2:44:c7:72:9f:eb:da:10:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Validity
Not Before: Jan 2 10:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0a61b24bfc940d54536134c335719f7d342e833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:3b:82:a2:5c:46:19:54:34:bc:99:3d:bd:
6f:e6:8f:db:e3:d8:a3:2d:f0:fa:5c:34:50:e4:00:
e4:77:dd:fc:22:72:a7:93:a6:14:20:11:c8:e6:8f:
07:cd:5c:05:83:01:92:93:b3:f2:86:4a:23:ef:49:
1b:1f:e6:dc:03:b1:92:cf:c1:91:bc:49:da:89:86:
1b:0b:92:45:7d:0d:12:28:4c:9e:51:f1:e1:00:32:
d7:dc:35:bd:02:bd:5c:f7:61:77:44:a3:db:be:60:
4a:ec:04:31:3e:0a:94:a7:81:06:af:eb:6d:11:c3:
b3:b9:61:ec:0a:93:00:4d:2f:f4:8d:2a:c0:a7:78:
36:df:18:a0:ef:23:af:37:48:ec:ed:66:ee:56:95:
bf:ee:93:44:8c:77:61:6e:71:1a:5d:02:d8:48:1b:
9c:41:72:c4:72:f9:0e:04:53:ad:e5:8b:11:4f:f7:
8e:d4:b7:8f:d2:c6:43:55:e6:6f:94:6d:0c:c1:b3:
7b:7d:af:9e:d6:35:0a:00:60:d5:94:ce:05:a2:fd:
7e:19:e7:df:e1:d1:c0:44:05:f2:76:5f:7f:08:f1:
29:29:90:d7:09:c8:59:1a:47:86:c4:25:3e:8e:a8:
9f:ac:14:42:a8:a3:a1:a4:35:83:c9:ad:97:6f:ee:
13:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A6:1B:24:BF:C9:40:D5:45:36:13:4C:33:57:19:F7:D3:42:E8:33
X509v3 Authority Key Identifier:
keyid:EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/oKYbJL_JQNVFNhNMM1cZ99NC6DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.134.48.0/20
193.32.0.0/23
193.32.4.0/23
212.45.64.0/20
IPv6:
2a02:2660::/32
Signature Algorithm: sha256WithRSAEncryption
86:35:59:c5:8b:84:e2:97:29:49:c0:20:d9:67:46:b8:a0:1e:
7f:30:d2:2a:37:30:99:9f:6b:23:88:c0:88:9c:a0:23:ce:d6:
2b:0a:9c:7a:46:54:9e:32:70:e4:31:81:96:8e:4a:93:2f:b6:
bf:4a:72:7e:2f:3d:e6:40:96:d6:a1:42:2e:00:d8:32:32:f6:
32:b6:a7:20:89:1b:47:9c:1c:dd:50:80:49:63:fa:6f:d2:a0:
2f:81:27:9f:7a:15:cf:83:cc:a1:f8:ee:d9:b8:d8:24:78:2d:
3a:b7:b5:59:6b:e4:1e:e3:e4:95:4d:19:6b:69:0b:04:de:11:
60:21:4e:ab:57:41:e9:12:d9:b2:3e:52:95:98:c4:27:0b:01:
41:4f:5b:e5:fd:7a:58:c0:ba:4e:1a:be:59:53:d9:29:a3:db:
d1:58:10:06:d5:d5:9b:b5:05:13:a5:a1:1d:b1:d7:0d:43:81:
be:5f:a7:0e:b1:88:20:02:85:dc:53:10:45:92:1d:84:01:b2:
07:63:df:e4:aa:12:cd:f3:90:3d:4d:87:d7:a1:e1:68:7d:a0:
20:a8:b6:0b:a8:ce:0e:e2:41:4f:88:98:38:95:71:ba:86:21:
c0:11:96:01:6c:0e:99:89:ab:84:00:08:e9:b9:b8:01:44:05:
09:22:cd:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvALqhsNz4kTHcp/r2hAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmMwZDYwYmQzYTkwYmQ1ZTMxNTA5ZGVhZGY0NDcwNzZi
MDc4ZDgwHhcNMjQwMTAyMTAzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE2MWIyNGJmYzk0MGQ1NDUzNjEzNGMzMzU3MTlmN2QzNDJlODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHQ7gqJcRhlUNLyZPb1v5o/b49ij
LfD6XDRQ5ADkd938InKnk6YUIBHI5o8HzVwFgwGSk7Pyhkoj70kbH+bcA7GSz8GR
vEnaiYYbC5JFfQ0SKEyeUfHhADLX3DW9Ar1c92F3RKPbvmBK7AQxPgqUp4EGr+tt
EcOzuWHsCpMATS/0jSrAp3g23xig7yOvN0js7WbuVpW/7pNEjHdhbnEaXQLYSBuc
QXLEcvkOBFOt5YsRT/eO1LeP0sZDVeZvlG0MwbN7fa+e1jUKAGDVlM4Fov1+Geff
4dHARAXydl9/CPEpKZDXCchZGkeGxCU+jqifrBRCqKOhpDWDya2Xb+4TRQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKCmGyS/yUDVRTYTTDNXGffTQugzMB8GA1UdIwQY
MBaAFOu8DWC9OpC9XjFQnerfRHB2sHjYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMt
YTZiOTU5OTFjZDJjLzEvb0tZYkpMX0pRTlZGTmhOTU0xY1o5OU5DNkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMtYTZiOTU5OTFjZDJj
LzEvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET4YwAwQB
wSAAAwQBwSAEAwQE1C1AMA0EAgACMAcDBQAqAiZgMA0GCSqGSIb3DQEBCwUAA4IB
AQCGNVnFi4TilylJwCDZZ0a4oB5/MNIqNzCZn2sjiMCInKAjztYrCpx6RlSeMnDk
MYGWjkqTL7a/SnJ+Lz3mQJbWoUIuANgyMvYytqcgiRtHnBzdUIBJY/pv0qAvgSef
ehXPg8yh+O7ZuNgkeC06t7VZa+Qe4+SVTRlraQsE3hFgIU6rV0HpEtmyPlKVmMQn
CwFBT1vl/XpYwLpOGr5ZU9kpo9vRWBAG1dWbtQUTpaEdsdcNQ4G+X6cOsYggAoXc
UxBFkh2EAbIHY9/kqhLN85A9TYfXoeFofaAgqLYLqM4O4kFPiJg4lXG6hiHAEZYB
bA6ZiauEAAjpubgBRAUJIs2c
-----END CERTIFICATE-----
Generated at Thu May 23 14:11:31 2024 by rpki-client on console-fra.rpki-client.org